diff -r eb8b23f11744 -r 59cce2313f9d includes/sessions.php --- a/includes/sessions.php Sun Jan 04 00:55:40 2009 -0500 +++ b/includes/sessions.php Sun Jan 04 01:43:16 2009 -0500 @@ -782,22 +782,27 @@ // The user's password is stored using the obsolete and insecure MD5 algorithm - we'll update the field with the new password if(md5($password) === $row['password']) { - $hmac_secret = AESCrypt::randkey(20); - $password_hmac = hmac_sha1($password, $hmac_secret); - $this->sql('UPDATE '.table_prefix."users SET password = '$password_hmac', password_salt = '$hmac_secret', old_encryption = 0 WHERE user_id={$row['user_id']};"); + if ( !defined('IN_ENANO_UPGRADE') ) + { + $hmac_secret = hexencode(AESCrypt::randkey(20), '', ''); + $password_hmac = hmac_sha1($password, $hmac_secret); + $this->sql('UPDATE '.table_prefix."users SET password = '$password_hmac', password_salt = '$hmac_secret', old_encryption = 0 WHERE user_id={$row['user_id']};"); + } $success = true; } } - else if ( $row['old_encryption'] == 2 ) + else if ( $row['old_encryption'] == 2 || defined('ENANO_UPGRADE_USE_AES_PASSWORDS') ) { // Our password field uses the 1.0RC1-1.1.5 encryption format $real_pass = $aes->decrypt($row['password'], $this->private_key); if($password === $real_pass) { - $success = true; - $hmac_secret = AESCrypt::randkey(20); - $password_hmac = hmac_sha1($password, $hmac_secret); - $this->sql('UPDATE '.table_prefix."users SET password = '$password_hmac', password_salt = '$hmac_secret', old_encryption = 0 WHERE user_id={$row['user_id']};"); + if ( !defined('IN_ENANO_UPGRADE') ) + { + $hmac_secret = hexencode(AESCrypt::randkey(20), '', ''); + $password_hmac = hmac_sha1($password, $hmac_secret); + $this->sql('UPDATE '.table_prefix."users SET password = '$password_hmac', password_salt = '$hmac_secret', old_encryption = 0 WHERE user_id={$row['user_id']};"); + } $success = true; } } @@ -818,7 +823,7 @@ 'success' => false, 'error' => 'too_big_for_britches' ); - $sess = $this->register_session($row['user_id'], $username, $password_hmac, $level, $remember); + $sess = $this->register_session($row['user_id'], $username, ( isset($password_hmac) ? $password_hmac : $password ), $level, $remember); if($sess) { if($level > USER_LEVEL_MEMBER) @@ -927,7 +932,14 @@ } // Session key - $session_key = hmac_sha1($password_hmac, $salt); + if ( defined('ENANO_UPGRADE_USE_AES_PASSWORDS') ) + { + $session_key = $this->pk_encrypt("u=$username;p=" . sha1($password_hmac) . ";s=$salt"); + } + else + { + $session_key = hmac_sha1($password_hmac, $salt); + } // Type of key $key_type = ( $level > USER_LEVEL_MEMBER ) ? SK_ELEV : ( $remember ? SK_LONG : SK_SHORT ); @@ -935,10 +947,8 @@ // If we're registering an elevated-privilege key, it needs to be on GET if($level > USER_LEVEL_MEMBER) { - // Reverse it - cosmetic only ;-) - $hexkey = $session_key; - $this->sid_super = $hexkey; - $_GET['auth'] = $hexkey; + $this->sid_super = $session_key; + $_GET['auth'] = $session_key; } else { @@ -1067,21 +1077,20 @@ global $db, $session, $paths, $template, $plugins; // Common objects // No valid use except during upgrades - if ( !preg_match('/^upg-/', enano_version()) || !defined('IN_ENANO_UPGRADE') ) + if ( !preg_match('/^upg-/', enano_version()) && !defined('IN_ENANO_UPGRADE') ) return false; - $aes = AESCrypt::singleton(AES_BITS, AES_BLOCKSIZE); - $decrypted_key = $aes->decrypt($key, $this->private_key, ENC_HEX); + $decrypted_key = $this->pk_decrypt($key); if ( !$decrypted_key ) { // die_semicritical('AES encryption error', '
Something went wrong during the AES decryption process.
'.print_r($decrypted_key, true).''); return false; } - $n = preg_match('/^u='.$this->valid_username.';p=([A-Fa-f0-9]+?);s=([A-Fa-f0-9]+?)$/', $decrypted_key, $keydata); + $n = preg_match('/^u='.$this->valid_username.';p=([A-Fa-f0-9]+?);s=(.{32})$/', $decrypted_key, $keydata); if($n < 1) { - // echo '(debug) $session->validate_session: Key does not match regex